Intrusion Detection System With Data Stream Modeling Using Conditional Privileges

IDS for computer network is capable of detecting and alerting the systems administrator on potential intrusion, providing guidance against any potential loss of integrity and confidentiality to the enterprise's valuable intellectual assets. In this paper, the layered model for IDS and alert aggregation technique is used. In this layered IDS architecture, each layer assesses, filters, and/or aggregates information produced by a lower layer. Thus, relevant information gets more and more condensed and certain, and, therefore, also more valuable.